By clicking “I agree”you agree to the use by us and our third-party partners of cookies and data gathered from your use of our website. See our Privacy Policyin the Customer Servicesection at the end of this page to learn more.

However, it is important to note that the system must also
provide a record of when data is accessed and by whom. For compliance with the access
management aspects of the GDPR, the system used must be demonstrably
restrictive and hierarchical.

This compliance goal of the GDPR clearly can't be achieved
if physical keys are being used to control access to data cabinets, filing
cabinets etc.
Even if it were possible to track the use of physical keys,
keeping unencrypted logs or paper records of who uses these keys is completely
impractical, prone to inaccuracy and manipulation, not to mention the fact that
the access logs themselves would become a GDPR issue.

There are of course a number of other very obvious dangers
in using mechanical key locks in a physical GDPR role that the safe and vault
community have been aware of for a number of years.

Accessing mechanical lock systems by non-invasive combination
lock manipulation or lock picking has become so popular that there are now lock
picking hobby groups in most countries in the world. This hobby is commonly referred
to as
Locksport. Tools and instructions on lock picking are freely available on
the internet and the activity is growing and quite widespread.

Of the two common mechanical lock types (the key lock and
the combination lock) the key lock is obviously the most easily bypassed. A mechanical
key being just a shaped piece of metal, can be very easily copied even from a
photograph and copies of keys can be created more easily than ever with the use
of 3D printing for example.

When it comes to mechanical combination locks the story is a
similar one. Combination locks work by rotating a series of wheels called
"wheel packs" with a gap cut into them so that they line up and allow
a mechanical lever attachment known as a "fence" to drop into it and
operate the lock. Locksport enthusiasts all over the world constantly exchange
knowledge and techniques in defeating both antiquated locking methods.

All in all, it's safe to say that for secure applications the
mechanical key, or mechanical combination lock, has been unfit for purpose for many
years now.

Time For A Practical Solution
To Physical GDPR Compliance

Audit logs can be easily downloaded and viewed by the data
controller via an inbuilt USB download facility, but the log will automatically
erase after 1000 entries, completely compliant with the limited data retention
aspect of the GDPR.

Sargent And Greenleaf audit trails are in themselves GDPR
compliant as users are identified by audit ID number only, so only the data
controller that authorised the access can identify the specific user. These new
practical and eminently affordable locks are fully certified for use on safes
and vaults up to grade V with high level security protocols built on proven
A-series ATM lock and CIT technology.

Software for basic GDPR operation is provided free of charge.

With the system already having been adopted by high profile businesses
such as
PayPal Worldwide and Grant Thornton, Sargent And Greenleaf A-series audit
locks take away the burden of GDPR compliance freeing up staff and administration
time for other tasks, so, when it comes to controlling physical access to files
and physical media the new
Sargent And Greenleaf GDPR audit lock system is simple
21
st century answer to physical GDPR compliance.

The Sargent And Greenleaf GDPR Audit Lock

USB Audit Lock Features:

Audit trail

1,000 event-, time- and date-stamped audit trail.

Fast download to USB flash drive and can be saved as PDF, Excel, Word or Txt file.

Field programability

Via keypad for single control, dual control and manager/employee modes (up to 100 users).